Skip to main content

CVE-2023-29839

Description

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.

NVD
Severity: MEDIUM
CVE ID: CVE-2023-29839
CVSS Score: 5.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Refrence: NVD MITRE

Proof Of Concept

jichngan

Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability

Refrence: GitHub

Description
Proof Of Concept